Mercurial > 510Connectbot
diff src/org/tn5250j/framework/transport/SSL/SSLImplementation.java @ 112:77ac18bc1b2f
cleanup java formatting
| author | Carl Byington <carl@five-ten-sg.com> |
|---|---|
| date | Wed, 18 Jun 2014 13:03:01 -0700 |
| parents | 33eb63352be5 |
| children |
line wrap: on
line diff
--- a/src/org/tn5250j/framework/transport/SSL/SSLImplementation.java Wed Jun 18 13:00:19 2014 -0700 +++ b/src/org/tn5250j/framework/transport/SSL/SSLImplementation.java Wed Jun 18 13:03:01 2014 -0700 @@ -57,149 +57,157 @@ */ public class SSLImplementation implements SSLInterface, X509TrustManager { private static final String TAG = "SSLImplementation"; - SSLContext sslContext = null; - KeyStore userks = null; - private String userKsPath; - private char[] userksPassword = "changeit".toCharArray(); + SSLContext sslContext = null; + KeyStore userks = null; + private String userKsPath; + private char[] userksPassword = "changeit".toCharArray(); TerminalBridge bridge = null; TerminalManager manager = null; String target = null; // destination:port - KeyManagerFactory userkmf = null; + KeyManagerFactory userkmf = null; - TrustManagerFactory usertmf = null; + TrustManagerFactory usertmf = null; - TrustManager[] userTrustManagers = null; + TrustManager[] userTrustManagers = null; - X509Certificate[] acceptedIssuers; + X509Certificate[] acceptedIssuers; - public SSLImplementation(TerminalBridge bridge, TerminalManager manager) { + public SSLImplementation(TerminalBridge bridge, TerminalManager manager) { this.bridge = bridge; this.manager = manager; - - } + } - public void init(String sslType, String homeDirectory) { - try { - Log.d(TAG,"Initializing User KeyStore"); - userKsPath = homeDirectory + File.separator + "keystore"; - File userKsFile = new File(userKsPath); - userks = KeyStore.getInstance(KeyStore.getDefaultType()); - userks.load(userKsFile.exists() ? new FileInputStream(userKsFile) - : null, userksPassword); - Log.d(TAG,"Initializing User Key Manager Factory"); - userkmf = KeyManagerFactory.getInstance(KeyManagerFactory - .getDefaultAlgorithm()); - userkmf.init(userks, userksPassword); - Log.d(TAG,"Initializing User Trust Manager Factory"); - usertmf = TrustManagerFactory.getInstance(TrustManagerFactory - .getDefaultAlgorithm()); - usertmf.init(userks); - userTrustManagers = usertmf.getTrustManagers(); - Log.d(TAG,"Initializing SSL Context"); - sslContext = SSLContext.getInstance(sslType); - sslContext.init(userkmf.getKeyManagers(), new TrustManager[] {this}, null); - } catch (Exception ex) { - Log.e(TAG,"Error initializing SSL [" + ex.getMessage() + "]"); - } + public void init(String sslType, String homeDirectory) { + try { + Log.d(TAG, "Initializing User KeyStore"); + userKsPath = homeDirectory + File.separator + "keystore"; + File userKsFile = new File(userKsPath); + userks = KeyStore.getInstance(KeyStore.getDefaultType()); + userks.load(userKsFile.exists() ? new FileInputStream(userKsFile) + : null, userksPassword); + Log.d(TAG, "Initializing User Key Manager Factory"); + userkmf = KeyManagerFactory.getInstance(KeyManagerFactory + .getDefaultAlgorithm()); + userkmf.init(userks, userksPassword); + Log.d(TAG, "Initializing User Trust Manager Factory"); + usertmf = TrustManagerFactory.getInstance(TrustManagerFactory + .getDefaultAlgorithm()); + usertmf.init(userks); + userTrustManagers = usertmf.getTrustManagers(); + Log.d(TAG, "Initializing SSL Context"); + sslContext = SSLContext.getInstance(sslType); + sslContext.init(userkmf.getKeyManagers(), new TrustManager[] {this}, null); + } + catch (Exception ex) { + Log.e(TAG, "Error initializing SSL [" + ex.getMessage() + "]"); + } + } - } + public Socket createSSLSocket(String destination, int port) { + if (sslContext == null) + throw new IllegalStateException("SSL Context Not Initialized"); - public Socket createSSLSocket(String destination, int port) { - if (sslContext == null) - throw new IllegalStateException("SSL Context Not Initialized"); - SSLSocket socket = null; - try { + SSLSocket socket = null; + + try { target = destination + ":" + String.valueOf(port); - socket = (SSLSocket) sslContext.getSocketFactory().createSocket( - destination, port); - } catch (Exception e) { - Log.e(TAG,"Error creating ssl socket [" + e.getMessage() + "]"); - } - return socket; - } + socket = (SSLSocket) sslContext.getSocketFactory().createSocket( + destination, port); + } + catch (Exception e) { + Log.e(TAG, "Error creating ssl socket [" + e.getMessage() + "]"); + } - // X509TrustManager Methods + return socket; + } + + // X509TrustManager Methods - /* - * (non-Javadoc) - * - * @see javax.net.ssl.X509TrustManager#getAcceptedIssuers() - */ - public X509Certificate[] getAcceptedIssuers() { - return acceptedIssuers; - } + /* + * (non-Javadoc) + * + * @see javax.net.ssl.X509TrustManager#getAcceptedIssuers() + */ + public X509Certificate[] getAcceptedIssuers() { + return acceptedIssuers; + } - /* - * (non-Javadoc) - * - * @see - * javax.net.ssl.X509TrustManager#checkClientTrusted(java.security.cert. - * X509Certificate[], java.lang.String) - */ - public void checkClientTrusted(X509Certificate[] arg0, String arg1) - throws CertificateException { - throw new SecurityException("checkClientTrusted unsupported"); - - } + /* + * (non-Javadoc) + * + * @see + * javax.net.ssl.X509TrustManager#checkClientTrusted(java.security.cert. + * X509Certificate[], java.lang.String) + */ + public void checkClientTrusted(X509Certificate[] arg0, String arg1) + throws CertificateException { + throw new SecurityException("checkClientTrusted unsupported"); + } - /* - * (non-Javadoc) - * - * @see - * javax.net.ssl.X509TrustManager#checkServerTrusted(java.security.cert. - * X509Certificate[], java.lang.String) - */ - public void checkServerTrusted(X509Certificate[] chain, String type) - throws CertificateException { - try { - for (int i = 0; i < userTrustManagers.length; i++) { - if (userTrustManagers[i] instanceof X509TrustManager) { - X509TrustManager trustManager = (X509TrustManager) userTrustManagers[i]; - X509Certificate[] calist = trustManager - .getAcceptedIssuers(); - if (calist.length > 0) { - trustManager.checkServerTrusted(chain, type); - } else { - throw new CertificateException( - "Empty list of accepted issuers (a.k.a. root CA list)."); - } - } - } - return; - } catch (CertificateException ce) { - X509Certificate cert = chain[0]; - String certInfo = manager.res.getString(R.string.host_cert_version) + cert.getVersion() + "\r\n"; - certInfo = certInfo.concat(manager.res.getString(R.string.host_cert_serial) + cert.getSerialNumber() + "\r\n"); - certInfo = certInfo.concat(manager.res.getString(R.string.host_cert_algorithm) + cert.getSigAlgName() + "\r\n"); - certInfo = certInfo.concat(manager.res.getString(R.string.host_cert_issuer) + cert.getIssuerDN().getName() + "\r\n"); - certInfo = certInfo.concat(manager.res.getString(R.string.host_cert_from) + cert.getNotBefore() + "\r\n"); - certInfo = certInfo.concat(manager.res.getString(R.string.host_cert_to) + cert.getNotAfter() + "\r\n"); - certInfo = certInfo.concat(manager.res.getString(R.string.host_cert_dn) + cert.getSubjectDN().getName() + "\r\n"); - certInfo = certInfo.concat(manager.res.getString(R.string.host_cert_publickey) + cert.getPublicKey().getFormat() + "\r\n"); + /* + * (non-Javadoc) + * + * @see + * javax.net.ssl.X509TrustManager#checkServerTrusted(java.security.cert. + * X509Certificate[], java.lang.String) + */ + public void checkServerTrusted(X509Certificate[] chain, String type) + throws CertificateException { + try { + for (int i = 0; i < userTrustManagers.length; i++) { + if (userTrustManagers[i] instanceof X509TrustManager) { + X509TrustManager trustManager = (X509TrustManager) userTrustManagers[i]; + X509Certificate[] calist = trustManager + .getAcceptedIssuers(); + if (calist.length > 0) { + trustManager.checkServerTrusted(chain, type); + } + else { + throw new CertificateException( + "Empty list of accepted issuers (a.k.a. root CA list)."); + } + } + } + + return; + } + catch (CertificateException ce) { + X509Certificate cert = chain[0]; + String certInfo = manager.res.getString(R.string.host_cert_version) + cert.getVersion() + "\r\n"; + certInfo = certInfo.concat(manager.res.getString(R.string.host_cert_serial) + cert.getSerialNumber() + "\r\n"); + certInfo = certInfo.concat(manager.res.getString(R.string.host_cert_algorithm) + cert.getSigAlgName() + "\r\n"); + certInfo = certInfo.concat(manager.res.getString(R.string.host_cert_issuer) + cert.getIssuerDN().getName() + "\r\n"); + certInfo = certInfo.concat(manager.res.getString(R.string.host_cert_from) + cert.getNotBefore() + "\r\n"); + certInfo = certInfo.concat(manager.res.getString(R.string.host_cert_to) + cert.getNotAfter() + "\r\n"); + certInfo = certInfo.concat(manager.res.getString(R.string.host_cert_dn) + cert.getSubjectDN().getName() + "\r\n"); + certInfo = certInfo.concat(manager.res.getString(R.string.host_cert_publickey) + cert.getPublicKey().getFormat() + "\r\n"); bridge.outputLine(manager.res.getString(R.string.host_authenticity_warning, target)); bridge.outputLine(manager.res.getString(R.string.host_certificate, certInfo)); Boolean result = bridge.promptHelper.requestBooleanPrompt(null, manager.res.getString(R.string.prompt_accept_certificate)); + if ((result == null) || (!result.booleanValue())) { - throw new java.security.cert.CertificateException( - "Certificate Rejected"); - } + throw new java.security.cert.CertificateException( + "Certificate Rejected"); + } result = bridge.promptHelper.requestBooleanPrompt(null, manager.res.getString(R.string.prompt_save_certificate)); + if ((result != null) && (result.booleanValue())) { - try { - userks.setCertificateEntry(cert.getSubjectDN().getName(), - cert); - userks.store(new FileOutputStream(userKsPath), - userksPassword); - } catch (Exception e) { - Log.e(TAG,"Error saving certificate [" + e.getMessage() - + "]"); - e.printStackTrace(); - } - } - } - } + try { + userks.setCertificateEntry(cert.getSubjectDN().getName(), + cert); + userks.store(new FileOutputStream(userKsPath), + userksPassword); + } + catch (Exception e) { + Log.e(TAG, "Error saving certificate [" + e.getMessage() + + "]"); + e.printStackTrace(); + } + } + } + } } \ No newline at end of file